In api-tools-oauth2/src/Adapter/BcryptTrait.php, using checkPassword() is demanding that the input parameters "must be of type string, array given" , but the function clearly expects $user to be an array. See function below. $user['password'] is what is used in the function. This is causing a break in authentication using the password grant_type in oauth 2.0.
The previous function would a have accepted an array
Current behavior
The current function no longer accepts and array, and is insisting on a string
How to reproduce
Carry out a password grant_type authentication using the previous library version it should work.
Carry out a password grant_type authentication using the current library version it should now fail.
Alternatively,
In BcryptTrait.php, the password grant_type will fail with checkPassword until 'string $user' is changed to '$user' in: protected function checkPassword(string $user, string $password): bool
Perhaps change the typing to the string|array $user
BC Break Report
Summary
In api-tools-oauth2/src/Adapter/BcryptTrait.php, using checkPassword() is demanding that the input parameters "must be of type string, array given" , but the function clearly expects $user to be an array. See function below. $user['password'] is what is used in the function. This is causing a break in authentication using the password grant_type in oauth 2.0.
** protected function checkPassword(string $user, string $password): bool { return $this->verifyHash($password, $user['password']); }Previous behavior
The previous function would a have accepted an array
Current behavior
The current function no longer accepts and array, and is insisting on a string
How to reproduce
Carry out a password grant_type authentication using the previous library version it should work. Carry out a password grant_type authentication using the current library version it should now fail.
Alternatively, In BcryptTrait.php, the password grant_type will fail with checkPassword until 'string $user' is changed to '$user' in: protected function checkPassword(string $user, string $password): bool
Perhaps change the typing to the string|array $user